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DETAILED ACTION 

This Office Action is in response to the Applicant's Remarks and Amendments 
filed March 3, 2008. 

Claims 1-30 are pending and herein considered. 



Response to Arguments 

Applicant's arguments with respect to the rejection(s) of claim(s) 1-30 under 
"Cameron Ginter" have been fully considered and are persuasive. Therefore, the 
rejection has been withdrawn. However, upon further consideration, a new ground(s) of 
rejection is made in view of United States Patent Application Publication No. 
2007/0226807 A1 to Ginter et al. 



Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 



(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 1-30 are rejected under 35 U.S.C. 102(e) as being anticipated by 



United States Patent Application Publication No. 2007/0226807 A1 to Ginter et al. 
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As per claim 1, Ginter teaches a method for partitioning of cryptographic 
functionality so as to permit delegation of at least one of a plurality of distinct portions of 
the cryptographic functionality from a delegating device to at least one recipient device, 
the cryptographic functionality being characterized as a graph comprising a plurality of 
nodes, the method comprising the steps of (pars 73-74): 

associating a given set of the nodes with a corresponding one of the plurality of 
distinct portions of the cryptographic functionality (pars 74, 92); and 

transmitting from the delegating device to the recipient device information 
representative of one or more of the nodes (pars 110, 112), 

the recipient device being configured based on the transmitted information for 
authorized execution of a corresponding one of the plurality of distinct portions of the 
cryptographic functionality (pars 74, 1114, 2187). 

As per claim 2, Ginter teaches wherein at least one of the nodes of the graph 
corresponds to a seed the possession of which permits execution of a corresponding 
one of the distinct portions of the cryptographic functionality (pars 610, 1452, 1519, 
1521). 

As per claim 3, Ginter teaches wherein the transmitting step further comprises 
transmitting from the delegating device to the recipient device information 
representative of at least two of the nodes (pars 74, 92, 1548, 2099, 2240). 
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As per claim 4, Ginter teaches wherein the transmitting step further comprises 
transmitting from the delegating device to the recipient device information 
representative of at least one parent node of the graph (pars 2142, 2257, 2258, 2263). 

As per claim 5, Ginter teaches wherein the transmitting step further comprises 
transmitting from the delegating device to the recipient device information 
representative of at least one child node of a parent node of the graph (pars 21 42, 
2257, 2258, 2263). 

As per claim 6, Ginter teaches wherein the graph comprises at least first and 
second root nodes (pars 2142, 2257, 2258, 2263). 

As per claim 7, Ginter teaches wherein the graph comprises a tree having at 
least first and second subtrees associated with respective first and second ones of the 
plurality of distinct portions of the cryptographic functionality (pars 590, 1548, 2099, 
2240 ). 

As per claim 8, Ginter teaches wherein the graph comprises a chain (pars 59, 
83, 107, 137, 148, 181, 189). 

As per claim 9, Ginter teaches wherein the graph comprises L levels of nodes, 
an Lth one of the levels comprising a parent node v.sub.L,1 , and a first one of these 
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levels comprising a set of seeds v.sub.1 ,1 , v.sub.1 ,2, . . . v.sub.1 ,n, where n is the total 
number of seeds, each of the seeds being derivable from the parent node (pars 610, 
1452, 1519, 1521). 

As per claim 10, Ginter teaches wherein an ith node of a kth one of the levels is 
computed as f.sub.k(i, v.sub.k+1), where f.sub.k is a one-way function (pars 610, 1452, 
1519, 1521). 

As per claim 1 1 , Ginter teaches wherein the nodes of one or more of the levels 
are arranged in the form of tuples of designated numbers of nodes (pars 610, 1452, 
1519, 1521). 

As per claim 12, Ginter teaches wherein the ith node of a jth tuple of the kth level 
is computed as f.sub.k(j, i, v.sub.k+1,j) (pars 610, 1452, 1519, 1521). 

As per claim 13, Ginter teaches wherein the cryptographic functionality 
comprises a cryptographic functionality provided by a hardware-based authentication 
token (pars 74, 1114, 2187). 

As per claim 14, Ginter teaches wherein the cryptographic functionality 
comprises an ability to verify at least one of an authentication code and a distress code 
generated by a hardware-based authentication token (pars 74, 1114, 2187). 
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As per claim 15, Ginter teaches wherein the authentication token is configured to 
store at least two seeds, and the cryptographic functionality comprises a verification 
operation performed collaboratively by at least first and second servers each storing 
one of the seeds (pars 51 0, 1 452). 

As per claim 16, Ginter teaches wherein the cryptographic functionality 
comprises an ability to generate at least one of an authentication code and a distress 
code utilizing a hardware-based authentication token (pars 74, 1114, 2187). 

As per claim 17, Ginter teaches wherein the cryptographic functionality 
comprises at least one of an ability to verify a signature and an ability to generate a 
signature (pars 74, 1 69, 572, 1 1 1 4). 

As per claim 18, Ginter teaches wherein the cryptographic functionality 
comprises an ability to generate one or more values of a one-way chain (pars 59, 83, 
107, 137, 148, 181, 189). 

As per claim 19, Ginter teaches wherein the cryptographic functionality 
comprises an ability to perform symmetric cryptographic operations (pars 1452, 1518- 
1525). 
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As per claim 20, Ginter teaches wherein the cryptographic functionality 
comprises an ability to perform asymmetric cryptographic operations (pars 503-505, 
1452, 1518-1525) . 

As per claim 21, Ginter teaches wherein the cryptographic functionality 
comprises an ability to derive one or more cryptographic keys (pars 503-505, 1452, 
1518-1525). 

As per claim 22, Ginter teaches wherein the cryptographic functionality 
comprises an ability to compute one or more seeds (pars 61 0, 1 452, 1 51 9, 1 521 ). 

As per claim 23, Ginter teaches wherein at least one of the seeds corresponds 
to at least one of the nodes of the graph (pars 51 0, 1 452, 1 51 9, 2521 ). 

As per claim 24, Ginter teaches wherein the cryptographic functionality is 
partitioned in accordance with a subscription model which requires compliance with at 
least one specified criterion for transmission from the delegating device to the recipient 
device of the information representative of one or more of the nodes (pars 1548, 2099, 
2240). 

As per claim 25, Ginter teaches wherein compliance with the specified criterion 
is satisfied upon receipt of a designated payment (pars 16-18,1775). 



Application/Control Number: 10/631,989 
Art Unit: 2137 



Page 8 



As per claim 26, Ginter teaches wherein the recipient device and the delegating 
device collaborate to perform at least one of a cryptographic verification function and a 
cryptographic generation function (pars 918, 1519, 1626, 1673, 1775). 

As per claim 27, Ginter teaches wherein the recipient device includes only a 
limited computational ability associated with performance of the cryptographic function 
(pars 225, 471,473, 1698). 

As per claim 28, Ginter teaches an apparatus comprising: 
a processing device comprising a processor coupled to a memory (pars 225, 
471,473, 1698) 

the processing device being utilized in conjunction with partitioning of 
cryptographic functionality so as to permit delegation of at least one of a plurality of 
distinct portions of the cryptographic functionality from the processing device, 
configured as a delegating device, to at least one recipient device, the cryptographic 
functionality being characterized as a graph comprising a plurality of nodes (pars 74, 
92); 

the processing device being configured to associate a given set of the nodes with 
a corresponding one of the plurality of distinct portions of the cryptographic functionality, 
and to transmit to the recipient device information representative of one or more of the 
nodes (pars 74, 92); 
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the recipient device being configured based on the transmitted information for 
authorized execution of a corresponding one of the plurality of distinct portions of the 
cryptographic functionality (pars 74, 1114, 2187). 

As per claim 29, Ginter teaches an apparatus comprising: a processing device 
comprising: 

a processor coupled to a memory (pars 225, 471 , 473, 1698); 

the processing device being utilized in conjunction with partitioning of 
cryptographic functionality so as to permit delegation of at least one of a plurality of 
distinct portions of the cryptographic functionality to the processing device, configured 
as a recipient device, from at least one delegating device, the cryptographic functionality 
being characterized as a graph comprising a plurality of nodes (pars 73-74); 

a given set of the nodes being associated with a corresponding one of the 
plurality of distinct portions of the cryptographic functionality (pars 74, 92; the 
processing device being operative to receive from the delegating device information 
representative of one or more of the nodes (pars 110, 112), 

the processing device being configured based on the received information for 
authorized execution of a corresponding one of the plurality of distinct portions of the 
cryptographic functionality (pars 74, 1114, 2187). 

As per claim 30, Ginter teaches a machine-readable storage medium containing 
one or more software programs for use in partitioning of cryptographic functionality so 
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as to permit delegation of at least one of a plurality of distinct portions of the 
cryptographic functionality from a delegating device to at least one recipient device, the 
cryptographic functionality being characterized as a graph comprising a plurality of 
nodes, wherein the one or more software programs when executed by the delegating 
device implement the steps of: 

associating a given set of the nodes with a corresponding one of the plurality of 
distinct portions of the cryptographic functionality (pars 74, 92); and 

transmitting from the delegating device to the recipient device information 
representative of one or more of the nodes (pars 110, 112), 

the recipient device being configured based on the transmitted information for 
authorized execution of a corresponding one of the plurality of distinct portions of the 
cryptographic functionality (pars 74, 1114, 2187). 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tamara Teslovich whose telephone number is (571) 

272- 4241 . The examiner can normally be reached on Mon-Fri 8-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 

273- 8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Tamara Teslovich/ 
Examiner, Art Unit 2137 



/Emmanuel L. Moise/ 

Supervisory Patent Examiner, Art Unit 2137 



